apparmor does not restrict read-access [intrepid]
Bug #278619 reported by
fx5
This bug report is a duplicate of:
Bug #269921: Apparmor appears to not restrict read-access.
Edit
Remove
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
apparmor (Ubuntu) |
Invalid
|
High
|
Unassigned |
Bug Description
Binary package hint: apparmor
I think apparmor is broken in intrepid and allows to read everything. This causes bug #269921.
I created a profile /etc/apparmor.
/home/fx5/cat {
/lib/** rmix,
/usr/** rmix,
}
Here is what i did then :
$ cp /bin/cat /home/fx5/cat
$ sudo /etc/init.
$ /home/fx5/cat /home/fx5/test.txt
You should not see this.
Doing the same on my hardy-installation results in:
$ /home/fx5/cat /home/fx5/test.txt
/home/fx5/cat: /home/fx5/test.txt: Permission denied
To post a comment you must log in.
Thanks fx5, but there's no need to create a new bug for this. I've just assigned the original bug to Apparmor and adjusted the title accordingly.